From 60b4200bc6fee69384da990bb7884f58577fc724 Mon Sep 17 00:00:00 2001 From: Jordan Borean Date: Wed, 30 Mar 2022 10:36:56 +1000 Subject: [PATCH] winrm - ensure callers PATH for kinit is set (#77401) * winrm - ensure callers PATH for kinit is set * Fix unit test expectations * Fix type annotation --- changelogs/fragments/winrm-kinit-path.yml | 2 ++ lib/ansible/plugins/connection/__init__.py | 3 ++- lib/ansible/plugins/connection/winrm.py | 2 +- test/units/plugins/connection/test_winrm.py | 8 ++++++-- 4 files changed, 11 insertions(+), 4 deletions(-) create mode 100644 changelogs/fragments/winrm-kinit-path.yml diff --git a/changelogs/fragments/winrm-kinit-path.yml b/changelogs/fragments/winrm-kinit-path.yml new file mode 100644 index 00000000000..574a02bbf9f --- /dev/null +++ b/changelogs/fragments/winrm-kinit-path.yml @@ -0,0 +1,2 @@ +bugfixes: +- winrm - Ensure ``kinit`` is run with the same ``PATH`` env var as the Ansible process diff --git a/lib/ansible/plugins/connection/__init__.py b/lib/ansible/plugins/connection/__init__.py index fd555c8e394..daa683ce30b 100644 --- a/lib/ansible/plugins/connection/__init__.py +++ b/lib/ansible/plugins/connection/__init__.py @@ -8,6 +8,7 @@ __metaclass__ = type import fcntl import os import shlex +import typing as t from abc import abstractmethod from functools import wraps @@ -48,7 +49,7 @@ class ConnectionBase(AnsiblePlugin): # When running over this connection type, prefer modules written in a certain language # as discovered by the specified file extension. An empty string as the # language means any language. - module_implementation_preferences = ('',) # type: tuple[str, ...] + module_implementation_preferences = ('',) # type: t.Iterable[str] allow_executable = True # the following control whether or not the connection supports the diff --git a/lib/ansible/plugins/connection/winrm.py b/lib/ansible/plugins/connection/winrm.py index f4720238f45..4f513a89410 100644 --- a/lib/ansible/plugins/connection/winrm.py +++ b/lib/ansible/plugins/connection/winrm.py @@ -320,7 +320,7 @@ class Connection(ConnectionBase): display.vvvvv("creating Kerberos CC at %s" % self._kerb_ccache.name) krb5ccname = "FILE:%s" % self._kerb_ccache.name os.environ["KRB5CCNAME"] = krb5ccname - krb5env = dict(KRB5CCNAME=krb5ccname) + krb5env = dict(PATH=os.environ["PATH"], KRB5CCNAME=krb5ccname) # Add any explicit environment vars into the krb5env block kinit_env_vars = self.get_option('kinit_env_vars') diff --git a/test/units/plugins/connection/test_winrm.py b/test/units/plugins/connection/test_winrm.py index a0ba76a61ad..c3245ccb010 100644 --- a/test/units/plugins/connection/test_winrm.py +++ b/test/units/plugins/connection/test_winrm.py @@ -6,6 +6,8 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type +import os + import pytest from io import StringIO @@ -255,8 +257,9 @@ class TestWinRMKerbAuth(object): assert len(mock_calls) == 1 assert mock_calls[0][1] == expected actual_env = mock_calls[0][2]['env'] - assert list(actual_env.keys()) == ['KRB5CCNAME'] + assert sorted(list(actual_env.keys())) == ['KRB5CCNAME', 'PATH'] assert actual_env['KRB5CCNAME'].startswith("FILE:/") + assert actual_env['PATH'] == os.environ['PATH'] @pytest.mark.parametrize('options, expected', [ [{"_extras": {}}, @@ -287,8 +290,9 @@ class TestWinRMKerbAuth(object): mock_calls = mock_pexpect.mock_calls assert mock_calls[0][1] == expected actual_env = mock_calls[0][2]['env'] - assert list(actual_env.keys()) == ['KRB5CCNAME'] + assert sorted(list(actual_env.keys())) == ['KRB5CCNAME', 'PATH'] assert actual_env['KRB5CCNAME'].startswith("FILE:/") + assert actual_env['PATH'] == os.environ['PATH'] assert mock_calls[0][2]['echo'] is False assert mock_calls[1][0] == "().expect" assert mock_calls[1][1] == (".*:",)